Security Basics mailing list archives

Re: Finding which programme started an outgoing connection

From: mcsegold () gmail com
Date: Tue, 8 Feb 2011 23:22:15 +0000

Hi folks,
Fport does a better job of showing the processes and their ports in use. However most antivirus products bark at it. If 
it's a machine you administratively control, try it. If not, the previous reply to use netstat -ano and then use 
taskmgr or tasklist to identify the process is good. 

I would recommend using process explorer by sysinternals to find the actual location of the exe on the hard disk. I use 
this instead of task manager. Use the add columns option to pick "image path" and you'll see the actual location of 
every exe or service running. It's great.
------Original Message------
From: tomasello2000 () yahoo com
Sender: listbounce () securityfocus com
To: security-basics () securityfocus com
Subject: Re: Finding which programme started an outgoing connection
Sent: Feb 8, 2011 11:34 AM

One very quick way is to use netstat -ano  This will show you the pid that your connection is using, from there you can 
use taskmanger to determine the process.  netstat also has some other switchs you can use.  You can also use tasklist 
to get detailed information on the processes currently running.

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------



-------------------------------
Sent from my Verizon BlackBerry
Haresh M. Advani, IT Security Expert
Director of Information Technology
-------------------------------

Current thread:

RE: Finding which programme started an outgoing connection, (continued)
- - RE: Finding which programme started an outgoing connection Matthew Reed (Feb 10)
  - Re: Finding which programme started an outgoing connection Nikhil Manampady (Feb 10)
    - Re: Finding which programme started an outgoing connection Littlefield, Tyler (Feb 10)
    - Re[2]: Finding which programme started an outgoing connection Adam Pal (Feb 11)
    - Re: Re[2]: Finding which programme started an outgoing connection Nikhil Manampady (Feb 11)
- Re: Finding which programme started an outgoing connection anthony kasza (Feb 08)
- Re: Finding which programme started an outgoing connection Richard Thomas (Feb 11)
  - AW: Finding which programme started an outgoing connection FH_Steini (Feb 11)
- Re: Finding which programme started an outgoing connection tomasello2000 (Feb 08)
- Re: Finding which programme started an outgoing connection scott_conklin (Feb 10)
- Re: Finding which programme started an outgoing connection mcsegold (Feb 10)